Setup.exe stopped working during uninstall

M

MamaDee6

Member
I am having trouble with my camera software program. Windows is telling me it can't load the specified file. It won't open it at all, so I decided to uninstall it and try again. But I keep getting a message saying "setup.exe has stopped working and it's searching for a solution" but it never finds one.

So.....I can't open the photo program....but I can't uninstall it, either. Is there any other way to uninstall a program besides control panel. We tried to find every file regarding the program, but that didn't remove it from the control panel list either. When I try to install it from the disk, it tells me to uninstall it first.


We have had a trojan horse message pop up the last few days, so I am wondering if this is all related. That's a whole other topic........
 

My Computer

System One

Hello MamaDee6, welcome to Vista Forums!



The first thing to do is to download, install and run a full scan using the free malware scanner at the link below, then let us know what it comes up with.


Malwarebytes Free Malware Scanner



You can do a system restore to a point before you first installed the camera software, that should remove it, have a look at the tutorial at the link below.

Be sure to post back to keep us informed.

How to Do a System Restore in Vista
 

My Computer

System One

  • Manufacturer/Model
    * BFK Customs *
    CPU
    Intel C2Q 9550 Yorkfield
    Motherboard
    ASUS P5Q Pro
    Memory
    8GB Dominator 8500C5D
    Graphics card(s)
    XFX ATI 1GB 4870 XXX
    Sound Card
    Realtek HD 7-1
    Monitor(s) Displays
    1x 47" LCD HDMI & 2x 26" LCD HDMI
    Screen Resolution
    1920x1080P & 1920x1200
    Hard Drives
    2x 500GB 7200RPM 32MB Cache WD Caviar Black
    PSU
    Corsair 620HX
    Case
    CM Cosmos RC-1000
    Cooling
    Tuniq Tower 120, 2x 140mm and 3x 120mm case fans
    Mouse
    Razer Diamondback 3G
    Keyboard
    HP Enhansed Multimedia
    Internet Speed
    18.6Mb/s
    Other Info
    My First Build ;)
Thanks for the heads up about Malware. I installed it and ran it...it found 45 items. So I had it quarantine and remove them, but it did no good in regards to the photo software. I did a systemp restore back a couple of weeks, but if I go back to before my photo software.....we're talking 8 months or so. Is that wise?

Maybe you guys can tell me what what the info. Malware reported is.....

Here is what it found:

Code: 
Malwarebytes' Anti-Malware 1.46
[URL="http://www.malwarebytes.org/"]Malwarebytes[/URL]
 
Database version: 4262
 
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
 
6/30/2010 8:26:16 PM
mbam-log-2010-06-30 (20-26-16).txt
 
Scan type: Full scan (C:\|D:\|)
Objects scanned: 463708
Time elapsed: 2 hour(s), 29 minute(s), 20 second(s)
 
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 19
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 20
 
Memory Processes Infected:
(No malicious items detected)
 
Memory Modules Infected:
(No malicious items detected)
 
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 
Registry Values Infected:
(No malicious items detected)
 
Registry Data Items Infected:
(No malicious items detected)
 
Folders Infected:
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\SYSTEM32 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\SYSTEM32\DRIVERS (Trojan.Agent) -> Quarantined and deleted successfully.
 
Files Infected:
C:\ProgramData\_qbothome\q1.9750 (Trojan.Qakbot) -> Quarantined and deleted successfully.
C:\Users\Ian\AppData\Local\Mozilla\Firefox\Profiles\9w2fqlqx.default\Cache\29A4966Bd01 (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Users\Ian\AppData\Local\Mozilla\Firefox\Profiles\9w2fqlqx.default\Cache\DB3AA04Ed01 (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Users\Ian\AppData\Local\Temp\2F5_TvzC.exe.part (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Users\Ian\AppData\Local\Temp\alH8Tn6o.exe.part (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Users\Ian\AppData\Local\Temp\B8mFREqK.exe.part (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Users\Ian\AppData\Local\Temp\E7T6LoyK.exe.part (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\SYSTEM32\DRIVERS\rtl8187.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\SYSTEM32\DRIVERS\rtl8187B.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Ian\Desktop\Click to Find and Fix Errors.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Users\hanlon\Local Settings\Application Data\010112010146100109.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\hanlon\Local Settings\Application Data\010112010146115119.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\hanlon\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\Ian\Local Settings\Application Data\010112010146100109.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\Ian\Local Settings\Application Data\010112010146115119.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\Ian\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\luke\Local Settings\Application Data\010112010146100109.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\luke\Local Settings\Application Data\010112010146115119.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\luke\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.

What does any of this mean? Is it really bad?

Thanks for all your time and help.

Dee
 

My Computer

System One

Hello again.



Yes, it's really bad, was Malwarebytes (MBAM) able to clean it up, it may take several scans/cleans to be successful., run several scans.
Do you have a bunch of data on it you don't want to lose?

Do you have a Vista install disk?
 

My Computer

System One

  • Manufacturer/Model
    * BFK Customs *
    CPU
    Intel C2Q 9550 Yorkfield
    Motherboard
    ASUS P5Q Pro
    Memory
    8GB Dominator 8500C5D
    Graphics card(s)
    XFX ATI 1GB 4870 XXX
    Sound Card
    Realtek HD 7-1
    Monitor(s) Displays
    1x 47" LCD HDMI & 2x 26" LCD HDMI
    Screen Resolution
    1920x1080P & 1920x1200
    Hard Drives
    2x 500GB 7200RPM 32MB Cache WD Caviar Black
    PSU
    Corsair 620HX
    Case
    CM Cosmos RC-1000
    Cooling
    Tuniq Tower 120, 2x 140mm and 3x 120mm case fans
    Mouse
    Razer Diamondback 3G
    Keyboard
    HP Enhansed Multimedia
    Internet Speed
    18.6Mb/s
    Other Info
    My First Build ;)
Crap.

Well, if by clean it up, you mean "quarantine and remove," then yes, it did that. I'll try scanning again, b/c that doesn't seem to have helped.

I do not have a Windows Vista disk, b/c it came already installed on the computer.

Why do I need it?


Also.....I'm trying to uninstall my photo program....is there any other way to do that than through Control Panel and uninstall? Panasonic told me there was and to call Microsoft. Microsoft told me they'd charge me $$$ to tell me anything and to call Gateway.....I never got off hold with Gateway. Ugh.

I appreciate you guys.

Dee
 

My Computer

System One

Hello Dee.



Have a look at the link below, this may remove the issue for you.

Revo Uninstaller
 

My Computer

System One

  • Manufacturer/Model
    * BFK Customs *
    CPU
    Intel C2Q 9550 Yorkfield
    Motherboard
    ASUS P5Q Pro
    Memory
    8GB Dominator 8500C5D
    Graphics card(s)
    XFX ATI 1GB 4870 XXX
    Sound Card
    Realtek HD 7-1
    Monitor(s) Displays
    1x 47" LCD HDMI & 2x 26" LCD HDMI
    Screen Resolution
    1920x1080P & 1920x1200
    Hard Drives
    2x 500GB 7200RPM 32MB Cache WD Caviar Black
    PSU
    Corsair 620HX
    Case
    CM Cosmos RC-1000
    Cooling
    Tuniq Tower 120, 2x 140mm and 3x 120mm case fans
    Mouse
    Razer Diamondback 3G
    Keyboard
    HP Enhansed Multimedia
    Internet Speed
    18.6Mb/s
    Other Info
    My First Build ;)
Thanks for the uninstaller, it worked great. I was able to uninstall and then reinstall my photo fun program and then download the updates for it. I also ran another full system scan with Malware and it found 0 threats this time.

But I still get the trojan horse warning box whenever I plug my camera into the computer. I also get another box telling me that there is no disk in the drive...or some such thing. I haven't even clicked on my photo fun program at this point. So it's not like I can use a different photo program.....The only thing I've done is plug in my camera and click on "PC" on the camera to send the pics.

Can a trojan horse infect one specific thing like not even on your pc, like a camera memory card? Why would I only get the warning when I plug in my camera now?

I can use my photo program with the pictures already on it....but I can't put any new pictures from my camera to the computer.

Dee
 

My Computer

System One

You must log in or register to reply here.
Back
Top